<?php

defined('SYSPATH') or die('No direct script access.');

class Controller_Service_Auth extends Controller_Service_Basic {

    public function action_request_session() {
        $api_key = Arr::get($_REQUEST, 'api_key');
        if ($api_key != Controller_Helper_Api::API_KEY) {
            $this->setStatus(Controller_Helper_Api::API_CONTENT_STATUS_ERROR_APIKEY);
            $this->setMessage(Controller_Helper_Api::API_CONTENT_MESSAGE_ERROR_APIKEY);
            $this->export();
        }
        $s_request_session = new Model_Service_Request_Session();
        $en_request_session = new Domain_Entities_Request_Session();
        $session_key = md5(uniqid() . time());
        $expired = date("Y-m-d H:i:s", strtotime('+5 hours'));
        $en_request_session->setsession_key($session_key);
        $en_request_session->setexpired($expired);
        $en_request_session->setcreated(date("Y-m-d H:i:s", strtotime('now')));
        $s_request_session->insert($en_request_session);

        $this->setData(array('session_key' => $session_key, 'expired' => $expired));

        $this->setStatus(Controller_Helper_Api::API_STATUS_OK);
        $this->setMessage(Controller_Helper_Api::API_MESSAGE_OK);
        $this->export();
    }

    public function action_login() {
        $session_key = Arr::get($_REQUEST, 'session_key');
        $username = Arr::get($_REQUEST, 'username');
        $password = Arr::get($_REQUEST, 'password');
        if (empty($session_key) || empty($username) || empty($password)) {
            $this->setStatus(Controller_Helper_Api::API_STATUS_PARAM_MISSING);
            $this->setMessage(Controller_Helper_Api::API_MESSAGE_PARAM_MISSING);
            $this->export();
        }
        $s_request_session = new Model_Service_Request_Session();
        $en_rs = $s_request_session->get($session_key)->get_data();
        if ($en_rs->getId() <= 0) {
            $this->setStatus(Controller_Helper_Api::API_AUTH_STATUS_SESSION_INVALID);
            $this->setMessage(Controller_Helper_Api::API_AUTH_MESSAGE_SESSION_INVALID);
            $this->export();
        }

        $todays_date = date("Y-m-d H:i:s", strtotime("now"));

        $today = strtotime($todays_date);
        $expired_time = $en_rs->getExpired();
        $expiration_date = strtotime($expired_time);

        if ($expiration_date <= $today) {
            $this->setStatus(Controller_Helper_Api::API_AUTH_STATUS_SESSION_EXPIRED);
            $this->setMessage(Controller_Helper_Api::API_AUTH_MESSAGE_SESSION_EXPIRED);
            $this->export();
        }

        $s_user = new Model_Service_User();
        $s_error = $s_user->validate_login($username, $password, '', 'vn/admin/login/error');

        if (!empty($s_error)) {
            $this->setStatus(Controller_Helper_Api::API_STATUS_LOGIN_FAIL);
            $this->setMessage($s_error);
            $this->export();
        }

        //created token
        $session_key = md5(uniqid() . time());
        $expired = date("Y-m-d H:i:s", strtotime('2 years'));
        $s_session = new Model_Service_Session_User();
        $en_user = $s_user->get_by_username($username)->get_data();
        $en_session = $s_session->get_by_user_id($en_user->getId(), 'MOBILE')->get_data();
        $en_session->setUser_id($en_user->getId());
        $en_session->setexpired($expired);
        $en_session->setsession_key($session_key);
        $en_session->setType('MOBILE');

        if ($en_session->getId() <= 0) {

            $en_session->setCreated(date("Y-m-d H:i:s", strtotime('now')));
            $s_session->insert($en_session);
        } else {
            $en_session->setModified(date("Y-m-d H:i:s", strtotime('now')));
            $s_session->update($en_session);
        }

        $this->setData(array('token' => $session_key, 'expired' => $expired));
        $this->setStatus(Controller_Helper_Api::API_STATUS_OK);
        $this->setMessage(Controller_Helper_Api::API_MESSAGE_OK);
        $this->export();
    }

    public function action_forgetpassword() {
        $session_key = Arr::get($_REQUEST, 'session_key');
        $username = Arr::get($_REQUEST, 'username');

        if (empty($session_key) || empty($username)) {
            $this->setStatus(Controller_Helper_Api::API_STATUS_PARAM_MISSING);
            $this->setMessage(Controller_Helper_Api::API_MESSAGE_PARAM_MISSING);
            $this->export();
        }
        $s_request_session = new Model_Service_Request_Session();
        $en_rs = $s_request_session->get($session_key)->get_data();
        if ($en_rs->getId() <= 0) {
            $this->setStatus(Controller_Helper_Api::API_AUTH_STATUS_SESSION_INVALID);
            $this->setMessage(Controller_Helper_Api::API_AUTH_MESSAGE_SESSION_INVALID);
            $this->export();
        }

        $todays_date = date("Y-m-d H:i:s", strtotime("now"));

        $today = strtotime($todays_date);
        $expired_time = $en_rs->getExpired();
        $expiration_date = strtotime($expired_time);

        if ($expiration_date <= $today) {
            $this->setStatus(Controller_Helper_Api::API_AUTH_STATUS_SESSION_EXPIRED);
            $this->setMessage(Controller_Helper_Api::API_AUTH_MESSAGE_SESSION_EXPIRED);
            $this->export();
        }
        $s_user = new Model_Service_User();
        $en_user = $s_user->get_by_username($username)->get_data();
        if($en_user->getId() <= 0){
            $this->setStatus(Controller_Helper_Api::API_STATUS_USER_NOT_EXISTING);
            $this->setMessage(Controller_Helper_Api::API_MESSAGE_USER_NOT_EXIXTING);
            $this->export();
        }
        $password = rand(10000, 99999);
        $en_user->setPassword($password);
        $s_user->update($en_user);
        
        //send email
        $config = Kohana::$config->load('email');
        $email = new Email();
        $email->from($config->REQUEST_MAIL);
        $email->to($en_user->getEmail());
        $email->subject("Reset Password");
        $email->message('New password: '.$password, 'text/html');
        $email->send();

        $this->setStatus(Controller_Helper_Api::API_STATUS_OK);
        $this->setMessage(Controller_Helper_Api::API_MESSAGE_OK);
        $this->export();
    }

}
